101 lines
3.2 KiB
Java
101 lines
3.2 KiB
Java
package com.baeldung.controllers;
|
|
|
|
import com.baeldung.models.UserCredentials;
|
|
import org.apache.shiro.SecurityUtils;
|
|
import org.apache.shiro.authc.AuthenticationException;
|
|
import org.apache.shiro.authc.UsernamePasswordToken;
|
|
import org.apache.shiro.subject.Subject;
|
|
import org.springframework.stereotype.Controller;
|
|
import org.springframework.ui.ModelMap;
|
|
import org.springframework.web.bind.annotation.GetMapping;
|
|
import org.springframework.web.bind.annotation.PostMapping;
|
|
import org.springframework.web.bind.annotation.RequestMapping;
|
|
import org.springframework.web.bind.annotation.RequestMethod;
|
|
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
|
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
@Controller
|
|
public class ShiroSpringController {
|
|
|
|
@GetMapping("/")
|
|
public String index() {
|
|
return "index";
|
|
}
|
|
|
|
@RequestMapping( value = "/login", method = {RequestMethod.GET, RequestMethod.POST})
|
|
public String login(HttpServletRequest req, UserCredentials cred, RedirectAttributes attr) {
|
|
|
|
if(req.getMethod().equals(RequestMethod.GET.toString())) {
|
|
return "login";
|
|
} else {
|
|
Subject subject = SecurityUtils.getSubject();
|
|
|
|
if(!subject.isAuthenticated()) {
|
|
UsernamePasswordToken token = new UsernamePasswordToken(
|
|
cred.getUsername(), cred.getPassword(), cred.isRememberMe());
|
|
try {
|
|
subject.login(token);
|
|
} catch (AuthenticationException ae) {
|
|
ae.printStackTrace();
|
|
attr.addFlashAttribute("error", "Invalid Credentials");
|
|
return "redirect:/login";
|
|
}
|
|
}
|
|
|
|
return "redirect:/secure";
|
|
}
|
|
}
|
|
|
|
|
|
@GetMapping("/secure")
|
|
public String secure(ModelMap modelMap) {
|
|
|
|
Subject currentUser = SecurityUtils.getSubject();
|
|
String role = "", permission = "";
|
|
|
|
if(currentUser.hasRole("admin")) {
|
|
role = role + "You are an Admin";
|
|
}
|
|
else if(currentUser.hasRole("editor")) {
|
|
role = role + "You are an Editor";
|
|
}
|
|
else if(currentUser.hasRole("author")) {
|
|
role = role + "You are an Author";
|
|
}
|
|
|
|
if(currentUser.isPermitted("articles:compose")) {
|
|
permission = permission + "You can compose an article, ";
|
|
} else {
|
|
permission = permission + "You are not permitted to compose an article!, ";
|
|
}
|
|
|
|
if(currentUser.isPermitted("articles:save")) {
|
|
permission = permission + "You can save articles, ";
|
|
} else {
|
|
permission = permission + "\nYou can not save articles, ";
|
|
}
|
|
|
|
if(currentUser.isPermitted("articles:publish")) {
|
|
permission = permission + "\nYou can publish articles";
|
|
} else {
|
|
permission = permission + "\nYou can not publish articles";
|
|
}
|
|
|
|
modelMap.addAttribute("username", currentUser.getPrincipal());
|
|
modelMap.addAttribute("permission", permission);
|
|
modelMap.addAttribute("role", role);
|
|
|
|
return "secure";
|
|
}
|
|
|
|
|
|
@PostMapping("/logout")
|
|
public String logout() {
|
|
Subject subject = SecurityUtils.getSubject();
|
|
subject.logout();
|
|
return "redirect:/";
|
|
}
|
|
|
|
}
|